This blog is a personal book on Security/ IDM related thoughts/opinions.
The blog posts are a personal opinion only and neither reflect the views of current/past employers nor any OTHER person living/dead on this planet.

Over a decade ago, the US Congress voted against establishing an unique patient identifier in the US for every individual utilizing health care.

The Healthcare Information and Management Systems Society (HIMSS) is the healthcare industry’s membership organization exclusively focused on providing global leadership for the optimal use of healthcare information technology (IT) and management systems for the betterment of healthcare.

Developed by the HIMSS Patient Identity Integrity Work Group, the purpose of the Patient Identity Integrity White Paper is to identify the complex issues relating to the accuracy and completeness of electronic health data attached to or associated with an individual patient and the linking of all such data within and across systems. The paper discusses the critical business processes that must be in place to support and maintain the integrity of the data for quality of care, patient safety and cost management.

Monday, January 4, 2010

NIST is proud to announce the publication of NIST Special Publication (SP) 800-57, RECOMMENDATION FOR KEY MANAGEMENT, Part 3: Application-Specific Key Management Guidance. This SP is intended to help system administrators and system installers adequately secure applications based on product availability and organizational needs, and to support organizational decisions about future procurements. The guide also provides information for end users regarding application options left under their control in normal use of the application. Recommendations are given for a select set of applications, namely: Public Key Infrastructures (PKI), Internet Protocol Security (IPsec), Transport Layer Security (TLS), Secure/Multipurpose Internet Mail Extensions (S/MIME), Kerberos, Over-the-Air Rekeying of Digital Radios (OTAR), Domain Name System Security Extensions (DNSSEC) and Encrypted File Systems (EFS).